1. 2. The Student Loan Application Office (SLAO) of Country A's Government has decided to build...
Fantastic news! We've Found the answer you've been seeking!
Question:
Transcribed Image Text:
1. 2. The Student Loan Application Office ("SLAO") of Country A's Government has decided to build an electronic student loan application submission system. After the system is built, SLAO will only accept applications electronically. One potential issue is that there will be a large number of uploads around the application deadline which imposes extremely heavy loading on the upload server. Design a protocol to help the SLAO to resolve this issue by spreading out uploads over a period of time. The following are the key assumptions and requirements. Assumptions: (A1) The size of the applications are large. (A2) All participants have X.509 digital certificates. Requirements: (R1) Applicants must generate their applications before the deadline but do not need to upload the applications by the deadline. Instead, the generated applications can be uploaded over a period of eight weeks after the deadline. (R2) Applicants must not be able to modify their applications after the deadline even if the applications have not been uploaded. (a) Provide a detailed description of your protocol by stating all steps and cryptographic operations/services that are used. State all other assumptions you need clearly in your answer. (b) Explain how your protocol can fulfill the stated requirements. In the following protocol, let N be a trusted third party, KXN be a pre-shared secret key between a user N and a user X, Rx be a nonce generated by X, and Ks be a session key. 1. XY: X|| Rx 2. Y N: Y|| Ry || EK (X || Rx) 3. 4. XY: EK NX: Ry || EK (Rx || Ks) || EK, (X|| Ks) XN Y: EK (X|| Ks) || EK, (Ry) YN (a) The objective of the protocol is to facilitate users X and Y to share a fresh secret key with each other. (i) Show that Ada, an attacker, can fool X into sharing with her a session key that X thinks has securely established with Y. (ii) Show that if the nonces and the session keys are of the same size, then Carol can fool Yinto sharing with her a session key that Ythinks has securely established with X (b) Modify the protocol to counter the attacks you have identified in (a) (i) and (a) (ii). 3. Explain how viruses might spread in computer systems in the following scenarios. (a) The Biba Integrity policy is adopted and (i) a virus is attached to a file at system low; (ii) a virus is attached to a file at system high. (b) The Bell-LaPadula policy is adopted and 1. 2. The Student Loan Application Office ("SLAO") of Country A's Government has decided to build an electronic student loan application submission system. After the system is built, SLAO will only accept applications electronically. One potential issue is that there will be a large number of uploads around the application deadline which imposes extremely heavy loading on the upload server. Design a protocol to help the SLAO to resolve this issue by spreading out uploads over a period of time. The following are the key assumptions and requirements. Assumptions: (A1) The size of the applications are large. (A2) All participants have X.509 digital certificates. Requirements: (R1) Applicants must generate their applications before the deadline but do not need to upload the applications by the deadline. Instead, the generated applications can be uploaded over a period of eight weeks after the deadline. (R2) Applicants must not be able to modify their applications after the deadline even if the applications have not been uploaded. (a) Provide a detailed description of your protocol by stating all steps and cryptographic operations/services that are used. State all other assumptions you need clearly in your answer. (b) Explain how your protocol can fulfill the stated requirements. In the following protocol, let N be a trusted third party, KXN be a pre-shared secret key between a user N and a user X, Rx be a nonce generated by X, and Ks be a session key. 1. XY: X|| Rx 2. Y N: Y|| Ry || EK (X || Rx) 3. 4. XY: EK NX: Ry || EK (Rx || Ks) || EK, (X|| Ks) XN Y: EK (X|| Ks) || EK, (Ry) YN (a) The objective of the protocol is to facilitate users X and Y to share a fresh secret key with each other. (i) Show that Ada, an attacker, can fool X into sharing with her a session key that X thinks has securely established with Y. (ii) Show that if the nonces and the session keys are of the same size, then Carol can fool Yinto sharing with her a session key that Ythinks has securely established with X (b) Modify the protocol to counter the attacks you have identified in (a) (i) and (a) (ii). 3. Explain how viruses might spread in computer systems in the following scenarios. (a) The Biba Integrity policy is adopted and (i) a virus is attached to a file at system low; (ii) a virus is attached to a file at system high. (b) The Bell-LaPadula policy is adopted and
Expert Answer:
Answer rating: 100% (QA)
The detailed answer for the above question is provided below Answer 1 Protocol for Spreading out Student Loan Application Uploads a Detailed Protocol Description Assumptions A1 Large application sizes ... View the full answer
Related Book For
Posted Date:
Students also viewed these operating system questions
-
Planning is one of the most important management functions in any business. A front office managers first step in planning should involve determine the departments goals. Planning also includes...
-
Managing Scope Changes Case Study Scope changes on a project can occur regardless of how well the project is planned or executed. Scope changes can be the result of something that was omitted during...
-
Kenny operates a store, where he sells feed and other supplies to farmers. Heather purchases a $20,000 tractor from Kenny and pays Kenny with $18,000 in cash and $2,000 in corn. How much gross income...
-
Selected transactions for Sophie's Dog Care are as follows during the month of March. March 1 Paid monthly rent of $1,200. 3 Performed services for $140 on account. 5 Performed services for cash of...
-
Hard Puzzle the square root of a matrix A is a matrix R such that RR = A. Show that the matrix Has no square root, while the matrix Has an infinite number of square roots. 0 0
-
Search for a California case that lists the essential elements of a cause of action for a particular contract case. If your library has Witkins Summary of the Law, a multivolume treatise that...
-
a. Use a spreadsheet (or a calculator with a linear regression function) to determine Stock X's beta coefficient. b. Determine the arithmetic average rates of return for Stock X and the NYSE over the...
-
Piper Products sold 426,000 units during the last period when industry volume totaled 3.00 million units. The company originally expected to sell 462,500 based on a budgeted market share of 15...
-
A cylindrical pressure vessel having radius r = 300 mm and wall thickness t = 15 mm is subjected to internal pressure p = 2.5 MPa. In addition, a torque T = 120 kN m acts at each end of the cylinder...
-
Q7. The following table shows the retail price of 12 Titleist Pro Golf balls around the world: a. In which city golf balls are most expensive and least expensive? (Comment on the measure) b....
-
Parker Plastic, Incorporated, manufactures plastic mats to use with rolling office chairs. Its standard cost information for last year follows: Direct materials (plastic) Direct labor Variable...
-
Two positive charges q1 q2 = 2.0 C are located at x = 0, y = 0.3 m and x = 0, y = -0.3 m, respectively. A third point charge q3 = 4.0 C is located at x = 0.4 m, y = 0. a) Make a careful sketch of...
-
Mountain High Ice Cream Company transferred $63,000 of accounts receivable to the Prudential Bank. The transfer was made without recourse. Prudential remits 90% of the factored amount to Mountain...
-
Water has a density (or specific gravity) of 1g/cm 3 . Gold has a density (or specific gravity) of 20g/cm 3 . If a pail of water weighs 2 kg, what does thesame size pail of gold weigh? (hint: density...
-
This Plan Your Own Funeral exercise is designed to promote consideration of end of life choices that we should be prepared to make. The objective is to give you the opportunity to: Understand the...
-
Evaluate (**+4x + 8x+11 x? +2x+1 dx is equal to -x + 2x + R +S + C. Find the expression R+ S. 4 A. In|x + 1| + x+1 C. In]x + 1| x+1 4 6 B. 3 In|x + 1| D. 3 In|x + 1| x+1 x+1
-
What is beacon marketing? What are digital wallets?
-
All transactions involving Notes Payable and related accounts of Pearl Company during 2010 are as follows: Determine the amount of the transactions affecting financing activities and show how they...
-
Annas, Inc., has a $350,000, 4 percent bond issue that was issued a number of years ago at face value. There are now 10 years left on the bond issue, and the market increase rate is 8 percent....
-
Daize Corp. is analyzing a proposal to switch its factory over to a lights-out operation similar to the one discussed in this chapters Decision Point. To do so, it must acquire a fully automated...
-
Explain the differences between marketing strategies and sales strategies.
-
Suggest a general outline marketing planning strategy for 12 months ahead for Graham Keddie.
-
What part should the sales function play when drawing up a detailed 12 months operational marketing plan for EMA?
Study smarter with the SolutionInn App